
CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection'): vulnerability list (35)

Summary of the 35 CVE vulnerabilities associated with the CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') weakness class, with AI-generated Chinese analysis.

CWE-470 is an unsafe-reflection weakness: the program uses external input to select a class or method dynamically through a reflection mechanism without adequately validating that input. An attacker can craft input that causes the system to instantiate an unintended class or invoke a dangerous method, leading to arbitrary code execution or denial of service. Developers should not trust external input directly; they should enforce strict allowlist validation, restrict the set of classes that can be reached through reflection, and prefer safer alternatives that remove the risk of dynamic loading altogether.

Official MITRE CWE description
CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection'): The product uses external input with reflection to select which class or code to use, but it does not sufficiently prevent the input from selecting improper classes or code. If the product uses external inputs to determine which class to instantiate or which method to invoke, then an attacker could supply values to select unexpected classes or methods. If this occurs, the attacker could create control flow paths that were not intended by the developer. These paths could bypass authentication or access control checks, or otherwise cause the product to behave in an unexpected manner. This situation becomes a catastrophic scenario if the attacker can upload files into a location that appears on the product's classpath (CWE-427) or add new entries to the product's classpath (CWE-426). Under either of these conditions, the attacker can use reflection to introduce new, malicious behavior into the product.
Common consequences (3)
Scope: Integrity, Confidentiality, Availability, Other. Impact: Execute Unauthorized Code or Commands; Alter Execution Logic.
The attacker might be able to execute code that is not directly accessible to the attacker. Alternately, the attacker could call unexpected code in the wrong place or at the wrong time, possibly modifying critical system state.
Scope: Availability, Other. Impact: DoS: Crash, Exit, or Restart; Other.
The attacker might be able to use reflection to call the wrong code, possibly with unexpected arguments that violate the API (CWE-227). This could cause the product to exit or hang.
Scope: Confidentiality. Impact: Read Application Data.
By causing the wrong code to be invoked, the attacker might be able to trigger a runtime error that leaks sensitive information in the error message, such as CWE-536.
Mitigations (3)
Phase: Architecture and Design. Refactor your code to avoid using reflection.
Phase: Architecture and Design. Do not use user-controlled inputs to select and load classes or code.
Phase: Implementation. Apply strict input validation by using allowlists or indirect selection to ensure that the user is only selecting allowable classes or code.
Code example (1)
A common reason that programmers use the reflection API is to implement their own command dispatcher. The following example shows a command dispatcher that does not use reflection:

    String ctl = request.getParameter("ctl");
    Worker ao = null;
    // The external value is only compared against fixed strings; it never
    // becomes a class name, so only the two listed commands can be reached.
    if (ctl.equals("Add")) {
        ao = new AddCommand();
    } else if (ctl.equals("Modify")) {
        ao = new ModifyCommand();
    } else {
        throw new UnknownActionError();
    }
    ao.doAction(request);

Good · Java

    String ctl = request.getParameter("ctl");
    // The external value is concatenated into a class name and resolved with
    // reflection, so any class on the classpath whose name ends in "Command"
    // can be instantiated, not just the intended command classes.
    Class cmdClass = Class.forName(ctl + "Command");
    Worker ao = (Worker) cmdClass.newInstance();
    ao.doAction(request);

Bad · Java
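The following is an added example, not part of the CWE entry or its MITRE code samples, showing the "allowlist or indirect selection" mitigation in Java: the request value is used only as a key into a fixed table, and, for the case where reflection cannot be removed, it is compared against an exact allowlist of class names before Class.forName is called. Worker, AddCommand, ModifyCommand and UnknownActionError are minimal stand-ins constructed here so the file compiles on its own.

```java
import java.util.Map;
import java.util.Set;
import java.util.function.Supplier;

// Minimal stand-ins for the types used in the CWE snippets (constructed for this
// example; a real application would supply its own implementations).
interface Worker { String doAction(String request); }
class AddCommand implements Worker { public String doAction(String r) { return "added " + r; } }
class ModifyCommand implements Worker { public String doAction(String r) { return "modified " + r; } }
class UnknownActionError extends RuntimeException {}

public final class SafeDispatcher {

    // Indirect selection: the external value is only a lookup key into a fixed
    // table of factories. No class name is ever assembled from request data.
    private static final Map<String, Supplier<Worker>> COMMANDS = Map.of(
        "Add", AddCommand::new,
        "Modify", ModifyCommand::new
    );

    public static Worker select(String ctl) {
        Supplier<Worker> factory = (ctl == null) ? null : COMMANDS.get(ctl);
        if (factory == null) {
            throw new UnknownActionError(); // anything outside the table is rejected
        }
        return factory.get();
    }

    // Assumed design for plugin-style loading where reflection cannot be avoided:
    // the external value must match an allowlisted fully-qualified class name
    // exactly, and the loaded class must implement Worker before it is used.
    private static final Set<String> ALLOWED_CLASSES = Set.of("AddCommand", "ModifyCommand");

    public static Worker selectByReflection(String className) throws ReflectiveOperationException {
        if (className == null || !ALLOWED_CLASSES.contains(className)) {
            throw new UnknownActionError(); // reject before any class is resolved
        }
        Class<? extends Worker> cls = Class.forName(className).asSubclass(Worker.class);
        return cls.getDeclaredConstructor().newInstance();
    }

    public static void main(String[] args) throws ReflectiveOperationException {
        System.out.println(select("Add").doAction("item1"));
        System.out.println(selectByReflection("ModifyCommand").doAction("item2"));
        try {
            select("Delete"); // not in the table, so it is refused
        } catch (UnknownActionError e) {
            System.out.println("rejected unknown action");
        }
    }
}
```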
CVE ID | Title | Product | CVSS | Risk level | Published
CVE-2026-8178 | Amazon Redshift JDBC remote code execution vulnerability | Amazon Redshift JDBC Driver | 8.1 | High | 2026-05-08
CVE-2026-44339 | PraisonAI tool execution vulnerability: execution caused by an undeclared callable | PraisonAI | 8.6 | High | 2026-05-08
CVE-2026-42027 | Apache OpenNLP extension loader arbitrary class instantiation vulnerability | Apache OpenNLP | 9.8 (AI) | Critical (AI) | 2026-05-04
CVE-2026-41175 | Statamic security vulnerability | cms | 8.1 | High | 2026-04-22
CVE-2018-25239 | Smart VPN security vulnerability | Smart VPN | 6.2 | Medium | 2026-04-04
CVE-2026-23923 | Zabbix security vulnerability | Zabbix | 9.8 | - | 2026-03-24
CVE-2026-33157 | Craft CMS security vulnerability | cms | 8.8 | - | 2026-03-24
CVE-2026-32264 | Craft CMS security vulnerability | cms | 7.2 (AI) | High (AI) | 2026-03-16
CVE-2026-32263 | Craft CMS security vulnerability | cms | 9.1 (AI) | Critical (AI) | 2026-03-16
CVE-2026-25498 | Craft CMS security vulnerability | cms | 7.2 (AI) | High (AI) | 2026-02-09
CVE-2025-68455 | Craft CMS security vulnerability | cms | 7.2 | - | 2026-01-05
CVE-2025-34393 | Barracuda Service Center security vulnerability | RMM | 9.8 (AI) | Critical (AI) | 2025-12-10
CVE-2025-12967 | Npgsql security vulnerability | JDBC Wrapper | 8.0 | High | 2025-11-10
CVE-2025-61925 | Astro security vulnerability | astro | 6.5 | Medium | 2025-10-10
CVE-2025-53693 | Sitecore Experience Manager security vulnerability | Sitecore Experience Manager (XM) | 9.8 | Critical | 2025-09-03
CVE-2025-31119 | generator-jhipster-entity-audit security vulnerability | generator-jhipster-entity-audit | 7.7 | High | 2025-04-03
CVE-2025-2794 | Kentico Xperience security vulnerability | Xperience | 7.5 | - | 2025-03-31
CVE-2024-4990 | Yii2 security vulnerability | yiisoft/yii2 | 9.8 | - | 2025-03-20
CVE-2024-53850 | Fields GLPI plugin security vulnerability | addressing | 8.2 | High | 2024-12-26
CVE-2024-7059 | Genetec Security Center security vulnerability | Genetec Security Center | 8.0 | High | 2024-11-05
CVE-2024-8015 | Progress Software Telerik Report Server security vulnerability | Telerik Reporting | 9.1 | Critical | 2024-10-09
CVE-2024-8048 | Progress Software Telerik Reporting security vulnerability | Telerik Reporting | 7.8 | High | 2024-10-09
CVE-2024-8014 | Progress Software Telerik Report Server security vulnerability | Telerik Reporting | 8.8 | High | 2024-10-09
CVE-2024-6096 | Progress Software Telerik Reporting security vulnerability | Telerik Reporting | 8.8 | High | 2024-07-24
CVE-2024-1574 | Mitsubishi Electric MC Works64 security vulnerability | GENESIS64 | 6.7 | Medium | 2024-07-04
CVE-2024-28121 | StimulusReflex security vulnerability | stimulus_reflex | 8.8 | High | 2024-03-12
CVE-2023-6943 | Mitsubishi Electric multiple products security vulnerability | EZSocket | 9.8 | Critical | 2024-01-30
CVE-2024-0200 | GitHub Enterprise Server security vulnerability | Enterprise Server | 7.2 | High | 2024-01-16
CVE-2023-32217 | IdentityIQ security vulnerability | IdentityIQ | 9.0 | Critical | 2023-05-31
CVE-2023-0460 | Alphabet YouTube Embedded security vulnerability | YouTube Android Player API SDK | 5.1 | Medium | 2023-03-01
Values marked (AI) carried an AI badge on the original listing; a risk level of "-" means none was given.

CWE-470 (Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')) is a common weakness class; this platform has collected 35 CVE vulnerabilities associated with it.